The Article 29 Working Party (WP29) (consisting of data protection regulators from the 28 Member States) has adopted an Opinion 01/2017 on the proposed e-Privacy Regulation, which will repeal and replace the e-Privacy Directive. Whilst the WP29 welcomes the proposal, it identifies several points of concern, and sets out how the proposal can be improved.
In Rolf Anders Daniel Pihl v Sweden, the European Court of Human Rights (ECHR) agreed with Swedish authorities that a non-profit association was not liable for anonymous defamatory comments posted on its blog. The ECHR held that the Swedish authorities’ refusal to hold the owner of the blog liable for the anonymous defamatory online comment did not violate the European Convention on Human Rights (the Convention).
The Department of Justice and Equality have published a policy document on amending the law relating to the interception of communications. The purpose of interception legislation is to assist in the fight against organised crime and to protect the security of the State.
Irish legislation relating to interception is out-of-date and needs to be amended to provide for lawful interception of email and other forms of communication over the internet. Interception is controlled, to a limited extent, by the Postal and Telecommunications Services Act 1983, and the Interception of Postal Packets and Telecommunications (Regulation) Act 1993. That legislation is restricted to Telecoms and Postal Service providers (i.e. voice calls, text messages and postal packets).
The Government intends to introduce approximately 50 amendments to the current regime, with the primary aim of ensuring that communications services delivered over the internet are covered by our lawful interception legislation. Accordingly, the definition of “information society services” will be amended to cover “internet referencing services, social media“, and “any other entity providing a publicly available means of communication over an electronic communications network.” The definition of “interception” will also be amended to reflect modern communications characteristics. It will essentially be “an action, the effect of which is to make some or all of the content of a communication available to a person“.
The High Court in Muwema v Facebook Ireland Ltd  IEHC 519 held that Facebook had no duty to remove defamatory content posted by an anonymous third party. Justice Binchy did, however, make a Norwich Pharmacal order requiring Facebook to disclose the identity and location of the person operating the page involved.
An Advocate General of the CJEU has expressed his opinion that operators of a free Wi-Fi service, who offer that service to the public, will be protected by the mere conduit defence under the E-Commerce Directive and will therefore not be liable for copyright infringement committed by users of that network. Advocate General Szpunar has published his opinion in response to a series of questions posed to the CJEU in Case C-484/14 Tobias McFadden v Sony Music Entertainment Germany GmbH. The case came about following an illegal download of a musical work in 2010, which prompted Sony to bring an action for damages and injunctive relief against Mr. McFadden – the operator of a business selling and renting lighting and sound systems near Munich which offered the free Wi-Fi network accessible to the public (over which the music work was unlawfully downloaded).
The High Court in the UK has again endorsed the use of predictive coding, ruling it as being the most appropriate and proportionate approach to disclosure despite disagreement between the parties surrounding its use. In a previous blog, we outlined how the UK High Court in the Pyrrho case ruled that predictive coding was appropriate to discharge a parties obligations regarding electronic disclosure.
In the most recent judgment, (yet to be published), the concept of using predictive coding in a disclosure exercise was strongly contested. Berwin Leighton Paisner acting for the respondent note that the petitioner’s solicitors wished to adopt a “traditional” approach to document review, where the inboxes of an agreed a list of custodians would be filtered using an agreed list of search terms, and the responsive documents would be subject to a manual review. It was put to the court that the costs of the traditional approach would be excessive, and that superior results could be achieved at a more proportionate cost using predictive coding.
Under the Copyright Directive (2001/29/EC) the owner of copyright material has the exclusive right to control any "communications to the public" of their protected works.
In an advisory opinion to the Court of Justice of the European Union ("CJEU"), Attorney General Wathelet (the "AG"), recently considered whether the act of posting a hyperlink directing users to infringing content on a third party website would give rise to copyright infringement.
The High Court in the UK has fully endorsed the use of predictive coding in discharging a parties obligation regarding electronic disclosure. Master Matthews, in Pyrrho Investments and others v MWB Property and others  EWHC 256 (Ch), noted in this case that "there were no factors of any weight" to point in the direction of not using predictive coding for the disclosure process. This is the first time a UK Court has given judgment on the area, while noting the limited Irish and US jurisprudence on the topic.
Predictive coding, often referred to as technology assisted review, is the use of computer software to review and analyse documents, determining if they are of relevance to the issues of the case. It is not without human input however, as the computer must first be "trained" in order to determine relevance. Based on the training received the software can review and score documents for relevancy, subject to quality assurance exercises carried out by the human reviewer.
Europe is today celebrating Data Protection Day, with this year’s celebrations coinciding with the recent political agreement for the finalised text of the new General Data Protection Regulation (GDPR) (for further information – see our earlier blog post). One of the many events organised across Europe in conjunction with Data Protection Day was the National Data Protection Conference, which took place over the course of yesterday and today.
The Department of Justice yesterday published the Criminal Justice (Offences Relating to Information Systems) Bill 2016. The Bill, which is long overdue, will replace some of the existing patchwork of cybercrime legislation.
The primary purpose of the Bill is to transpose the European Directive 2013/40 or the Cybercrime Directive as it is more commonly known. The Cybercrime Directive is aimed at harmonising Member States’ criminal law in the area of cybercrime by creating minimum rules for the definition of cybercrime offences and the relevant sanctions and to improve cooperation between competent authorities.